OpenSearch: How to Fix Security Analytics Error When You Try to Create a New Detector

Sometimes, you can encounter an error shown at the bottom right when you try to create a detector or click on security analytics or any other links within the analytics.
For example, in the screenshot below:

To fix that:
Option 1:

  • Go to Index Management > Indexes
  • Search for the index .opensearch-sap-log-types-config
  • Delete it.

An example is in the screenshot below:

  • Go to Security Analytics Threat detectors Log types

 Now you can see lists of Log types.

If you don’t find index .opensearch-sap-log-types-config
Option 2:

  • Go to Dev Tools
  • Use this command:
GET .opensearch-sap-log-types-config

You will see:

  • Use this command
DELETE .opensearch-sap-log-types-config

Now, everything works fine, and you can Create a New Detector.

The post OpenSearch: How to Fix Security Analytics Error When You Try to Create a New Detector appeared first on SOC Prime.